Размер файла: 5.19Kb
<?php
include "ini3.php";
include "includes/header2.php";
$id=cyr(htmlspecialchars(stripslashes(trim($id))));
$pass=cyr(htmlspecialchars(stripslashes(trim($pass))));
if(!empty($id))
{
$q = mysql_query("select * from users where id='".$id."';");
}
else
{
die ("Ошибка!</body></html>");
}
$data = mysql_fetch_array($q);
$id=$data['id'];
$login=$data['login'];
$health=$data['health'];
$admin=$data['admin'];
if(md5($pass)!=$data['pass'])
{
die ("Ошибка!</body></html>");
}
$date=date("H:i d.m.Y");
switch($mode){
default:
$all2=mysql_num_rows(mysql_query("select * from news"));
print "<u>[Новости($all2)]</u><br/>";
if($all2>0){
$all = mysql_num_rows(mysql_query("SELECT * FROM news"));
if(isset($_GET['s'])){$s=intval($_GET['s']);}else{$s=0;}
if($s<0) $s=0;
if($s>$all) $s=0;
$c=$s+1;
$a = mysql_query("select * from news order by dbid desc limit ".$s.", 5 ;");
while($ab=mysql_fetch_array($a)){
$nid=$ab['dbid'];
$text=$ab['text'];
$mtime=$ab['date'];
$mtitle=$ab['title'];
include "gb/smile.php";
print "<b>$mtitle</b>[$mtime]<br/>";
print "$text<br/>";
print "---<br/>";
}
if($all>0)
{
$ba=ceil($all/5);
$ba2=$ba*5-5;
echo "Страницы:";
$asd=$s-(5*3);
$asd2=$s+(5*4);
if($asd<$all && $asd>0){
print "<a href=\"news.php?id=$id&pass=$pass&start=0\">1 |</a>";
}
for($i=$asd; $i<$asd2;)
{
if($i<$all && $i>=0)
{
$ii=floor(1+$i/5);
if($s==$i)
{
echo ' '.$ii;
}
else
{
print "<a href=\"news.php?id=$id&pass=$pass&s=$i\">$ii |</a>";
}
}
$i=$i+5;
}
if($asd2<$all){echo " .. <a href=\"news.php?id=$id&pass=$pass&s=$ba2\">$ba |</a>";
}
}
}else{
print "Новостей нет!<br/>";
}
break;
case "addnews":
if($admin==7){
if($p==1){
$datet=date("H:i d.m.Y");
$text = str_replace('И', 'и', $text);
$text = str_replace('ш', 'Ш', $text);
$title = str_replace('И', 'и', $title);
$title = str_replace('ш', 'Ш', $title);
mysql_query("insert into news values(0,'$title','$text','$date');");
print "Новость добавлена<br/>";
}else{
echo "<form action=\"news.php?id=$id&pass=$pass&mode=addnews&p=1\" method='POST'>
Заголовок:<br/>
<input name=\"title\" value=\"$title\" maxlength=\"50\"/><br/>
Введите новость:<br/>
<textarea name=\"text\" rows=\"7\" cols=\"25\"></textarea><br/>
<input type=\"submit\" class=\"button\" value=\"Добавить\" /></form>";
}
}
break;
case "editnews":
if($admin==7){
if($p!=1 && $p!=2){
$all2=mysql_num_rows(mysql_query("select * from news"));
print "<u>[Новости($all2)]</u><br/>";
if($all2>0){
$all = mysql_num_rows(mysql_query("SELECT * FROM news"));
if(isset($_GET['s'])){$s=intval($_GET['s']);}else{$s=0;}
if($s<0) $s=0;
if($s>$all) $s=0;
$c=$s+1;
$a = mysql_query("select * from news order by dbid desc limit ".$s.", 5 ;");
while($ab=mysql_fetch_array($a)){
$nid=$ab['dbid'];
$text=$ab['text'];
$mtime=$ab['date'];
$mtitle=$ab['title'];
include "gb/smile.php";
print "<b>$mtitle</b>[$mtime]<br/>";
print "$text<br/>";
print "<a href=\"news.php?id=$id&pass=$pass&mode=editnews&nid=$nid&p=1\">Редактировать</a><br/>";
print "<a href=\"news.php?id=$id&pass=$pass&mode=editnews&nid=$nid&p=2\">Удалить</a><br/>";
print "---<br/>";
}
if($all>0)
{
$ba=ceil($all/5);
$ba2=$ba*5-5;
echo "Страницы:";
$asd=$s-(5*3);
$asd2=$s+(5*4);
if($asd<$all && $asd>0){
print "<a href=\"news.php?id=$id&pass=$pass&start=0&mode=editnews\">1 |</a>";
}
for($i=$asd; $i<$asd2;)
{
if($i<$all && $i>=0)
{
$ii=floor(1+$i/5);
if($s==$i)
{
echo ' '.$ii;
}
else
{
print "<a href=\"news.php?id=$id&pass=$pass&s=$i&mode=editnews\">$ii |</a>";
}
}
$i=$i+5;
}
if($asd2<$all){echo " .. <a href=\"news.php?id=$id&pass=$pass&s=$ba2&mode=editnews\">$ba |</a>";
}
}
}else{
print "Новостей нет!<br/>";
}
}
elseif($p==1){
if($s==1){
$nid=cyr(htmlspecialchars(stripslashes(trim($nid))));
mysql_query("update news set text='$ntext',title='$ntitle' where dbid='$nid';");
print "Сохранено!<br/>";
}else{
$nid=cyr(htmlspecialchars(stripslashes(trim($nid))));
$a = mysql_query("select * from news where dbid='$nid';");
$ab=mysql_fetch_array($a);
$text1=$ab['text'];
$title1=$ab['title'];
echo "<form action=\"news.php?id=$id&pass=$pass&mode=editnews&p=1&s=1&nid=$nid\" method=\"post\">
<postfield name=\"ntext\" value=\"$(ntext)\"/>
<postfield name=\"ntitle\" value=\"$(ntitle)\"/>";
print "Заголовок: <br/>";
print "<input name=\"ntitle\" value=\"$title1\" maxlength=\"50\"/><br/>
Новость:<br/>
<textarea name=\"ntext\" rows=\"7\" cols=\"25\">$text1</textarea><br/>";
echo "<input class=\"button\" type=\"submit\" value=\"Редактировать\"/></form>";
}
}
elseif($p==2){
$nid=cyr(htmlspecialchars(stripslashes(trim($nid))));
mysql_query("delete from news where dbid='$nid';");
print "Новость удалена<br/>";
}
}
break;
}
print "<br/>---<br/>><a href=\"news.php?id=$id&pass=$pass\">Новости</a>";
print "<br/>>><a href=\"game.php?id=$id&pass=$pass\">Меню</a>";
print "<br/>---";
print "</body></html>";
?>